Christoph Wurst
d907666232
bring back remember-me
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
7 years ago
Nextcloud bot
122fbf0092
[tx-robot] updated from transifex
7 years ago
Bjoern Schiessle
86b362809b
always show correct place holder, mention share by mail only if the share provider is enabled
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
7 years ago
Bjoern Schiessle
ce08682c2f
enabled by default and add to shipped.json
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
7 years ago
Bjoern Schiessle
561dd80d57
don't show 'notify by mail' option or permissions not available for mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
7 years ago
Bjoern Schiessle
392c8a115f
unified way to display remote shares and mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
7 years ago
Bjoern Schiessle
77f74b9780
handle case if no share-by-mail share provider is loaded
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
7 years ago
Bjoern Schiessle
a17c6a485d
add share by mail share provider
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
8 years ago
Bjoern Schiessle
0a6f02801f
introduce share by mail, ui part
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
8 years ago
Nextcloud bot
20f45e6fe4
[tx-robot] updated from transifex
7 years ago
Lukas Reschke
8d83e239f3
Fix tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
7 years ago
Joas Schilling
247b7f37ce
Color the trusted domain to alert the admin a bit more
Signed-off-by: Joas Schilling <coding@schilljs.com>
7 years ago
Roeland Jago Douma
7f30cf9119
Remove config.php for oc.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Nextcloud bot
6d2d069c17
[tx-robot] updated from transifex
7 years ago
Nextcloud bot
1187a8c183
[tx-robot] updated from transifex
7 years ago
pgys
bd7abc2d0a
restricted the height of the settings area in core/css/apps.css to max 80%
Signed-off-by: pgys <info@pexlab.space>
7 years ago
Julia Bode
2d91831b50
Issue-1776: Add unshare function to 3-dot menu.
Signed-off-by: Julia Bode <julia.bode@lulisaur.us>
7 years ago
Nextcloud bot
035890aeb1
[tx-robot] updated from transifex
7 years ago
Roeland Jago Douma
740659a04c
Move away from OC_L10N
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Nextcloud bot
ad597d498d
[tx-robot] updated from transifex
7 years ago
Nextcloud bot
9984eba727
[tx-robot] updated from transifex
7 years ago
Roeland Jago Douma
b05fe45d52
Fix avatar on exif rotated images
Fixes #1928
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Roeland Jago Douma
57e61250ac
Remove notify recipient option
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Nextcloud bot
a973c1bfb9
[tx-robot] updated from transifex
7 years ago
Lukas Reschke
015affb082
Missing returns + autoloader file
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
7 years ago
Roeland Jago Douma
6dbe417c51
Inlince oc.js if possible!
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Roeland Jago Douma
d5589a15d5
Move oc.js to a proper class
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Nextcloud bot
e23a298a81
[tx-robot] updated from transifex
7 years ago
Vincent Petry
f374eb5f1d
More fixes to file upload
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Vincent Petry
25d9dce067
JS utility function to compare paths
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
8 years ago
ryanwr
3e96f33995
Sort favorite files first Issue #1802
Signed-off-by: Ryan Welch <ryantwr@gmail.com>
7 years ago
Jörn Friedrich Dreyer
817729dc3f
add upgrade command before repair, handle NeedsUpgradeExcaption better
7 years ago
Lukas Reschke
38b3ac8213
Add ContentSecurityPolicyNonceManager
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
7 years ago
Lukas Reschke
9e6634814e
Add support for CSP nonces
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
7 years ago
Joas Schilling
2aca56f207
Fix missing semicolon
Signed-off-by: Joas Schilling <coding@schilljs.com>
7 years ago
Morris Jobke
57d54c9b72
Use proper image
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago
Thomas Müller
e0d919bbfc
Adding Open Graph Support for public shares http://ogp.me/
In case no preview is available we display the ownCloud logo
Fix unit test
8 years ago
Vincent Petry
ae1000e045
Remove removed --dry-run command from occ help (#26352)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Robin Appelman
7427fb170f
show empty folder message in filepicker
Signed-off-by: Robin Appelman <robin@icewind.nl>
7 years ago
Morris Jobke
9aeecfb3f2
fix .gitignore and include zxcvbn.js
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago
Philipp Eichhorn
8936320990
Fix zxcvbn path in setup page (#26359)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Roeland Jago Douma
6136af4973
Bump bower dep to proper v4.4.0
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
7 years ago
Joas Schilling
0b1fb180a5
Make AppConfig part of the public API
Signed-off-by: Joas Schilling <coding@schilljs.com>
7 years ago
Robin Appelman
fb9e500698
Fix picking a folder with the filepicker
Signed-off-by: Robin Appelman <robin@icewind.nl>
7 years ago
Morris Jobke
b3f2771d3c
Improve the styling
* remove the scrollbar (content did an overflow due to a min-width)
* have proper padding on the right too - padding is 15px on all sides for .oc-dialog
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago
Morris Jobke
867f72a485
Remove deprecated breadcrumbs implementation
* was replaced by the version in files/
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago
Morris Jobke
33c3293d05
Remove OC.localStorage and object method
* use the localstorage APIs of the browser instead
* use new Object() instead
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago
Joas Schilling
4037a79328
Allow to dismiss the code integrity warning
Signed-off-by: Joas Schilling <coding@schilljs.com>
7 years ago
Morris Jobke
f7ca3ec201
Remove unneeded compatibility polyfills
- `Object.create` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/create#Browser_compatibility
- `Object.keys` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/keys#Browser_compatibility
- `Array.prototype.filter` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/filter#Browser_compatibility
- `Array.prototype.indexOf` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/indexOf#Browser_compatibility
- `Array.prototype.map` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/map#Browser_compatibility
- `Function.prototype.bind` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/bind#Browser_compatibility
- `String.prototype.trim` supported with IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/Trim#Browser_compatibility
- `outerHTML` supported with Firefox 11+: https://developer.mozilla.org/en-US/docs/Web/API/Element/outerHTML#Browser_compatibility
- `window.devicePixelRatio` supported in IE11+: http://caniuse.com/#feat=devicepixelratio
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago
Morris Jobke
a8cf110ec6
Remove unneeded placeholder polyfill
* placeholders are supported in IE11+
* http://caniuse.com/#feat=input-placeholder
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
7 years ago